Request Demo

2024R1.0.1

  • January 16, 2024

Security

  • Fix an privilege escalation vulnerability in the System Profile component (Thanks to Matthew Bach from Hack The Box Ltd for reporting this) [GL:XI#532] – KF
  • Fixed XSS vulnerability in NOC screen (Thanks Cosmin-Constantin Cojocaru for reporting this issue) (CVE-2023-51072) [GL:XI#568] – DA
  • Removed world read permissions from resource.cfg [GL:XI#256] – DA

Updated

  • Corrected formatting of admin-provided user data [GL:XI#548] – JM
  • Improved icons and help text in page footer [GL:XI#530] – GW
  • Improved troubleshooting experience for AD/LDAP debugging [GL:XI#474,GL:XI#585] – SAW,SG
  • Improved performance on systems that monitor many NCPA nodes by adjusting check_ncpa.py timeout [GL:XI#507] – SG
  • Disallow use of wildcard selector for restricted CCM users [GL:XI#174] – GW
  • Updated icons in the System Component Status dashlet [GL:XI#529] – GW
  • Fix an issue with dark mode in user macros page [GL:XI#524] – SG
  • Restored “Home” menu link when Custom Logo component is in use [GL:XI#550] – CN

Removed

  • Removed uses of deprecated strftime function [GL:XI#489] – JS

Added

  • Added timestamps to logs found in /usr/local/nagiosxi/var/ [GL:XI#65] – CD
  • Added convenience script to load MySQL passwords from configuration files [GL:XI#509] – DA

Fixed

  • Fixed an issue where users would not be able to upgrade to XI 2024R1 if they changed their root MySQL password [GL:XI#588] – SAW
  • Fixed an issue where the CCM would prevent some valid service dependencies from being configured [GL:XI#113] – GW
  • Fixed UI visibility issues when using the Migrate Server feature in dark mode [GL:XI#435] – KV
  • Fixed minor UI issues when completing a configuration Wizard [GL:XI#538] – GW
  • Fixed an issue in BPI where dropdown chevron was pointing in the wrong direction on page refresh [GL:XI#513] – GW
  • Fixed PDF report generation on reports with large amounts of data [GL:XI#350] – DA
  • Fixed missing debug logging in the AD/LDAP configuration on Enterprise Linux 8 and 9 [GL:XI#442] – DA
  • Fixed inconsistent file permissions related to the Network Switch/Router Wizard on Ubuntu [GL:XI#471] – SG
  • Fixed issue where the SLA Report, Capacity Planning Report, and Audit Log were incorrectly blocked for some users with valid enterprise trials [GL:XI#522] – GW
  • Fixed Graph Explorer icons not working for hosts that have a space in their hostnames [GL:XI#470] – GW
  • Fixed PHP warnings when adding a service in the CCM [GL:XI#484] – GW
  • Fixed an issue where timezone changes were not correctly applied on Enterprise Linux 9 [GL:XI#458] – GW
  • Fixed two cases where the Bulk Modifications tool would crash when modifying more than 200 hosts or services [GL:XI#373] – JS
  • Fixed an issue where the recurring downtime background job would have mutliple processes running at once [GL:XI#309] – SG
  • Fixed an issue where the recurring downtime background job would log errors when modifying empty host groups [GL:XI#309] – SG
  • Fixed an issue where Highcharts graphs would use online exporting when local exporting was selected [GL:XI#29] – AC
  • Fixed an issue where MRTG files would not have the correct permissions set on upgrades [GL:XI#38] – BB
  • Fixed a divide-by-zero issue and some warnings in metrics component [GL:XI#512] – GW
  • Fixed an issue where new user tours would sometimes fail to reset [GL:XI!426] – BB
  • Fixed an issue where the notifications history page would not save parameters when saved as a view [GL:XI#146] – BB